package cn.myfirefly.moming.portal.controller;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import cn.myfirefly.moming.common.model.MenuResultDto;
import cn.myfirefly.moming.portal.entity.MMSystemAccess;
import cn.myfirefly.moming.portal.service.FunctionService;
import cn.myfirefly.moming.portal.service.LoginService;
import cn.myfirefly.moming.portal.service.SystemAccessService;
import cn.myfirefly.core.BaseController;
import cn.myfirefly.core.model.Identity;
import cn.myfirefly.core.model.Permission;
import cn.myfirefly.core.model.ResultDto;
import cn.myfirefly.utils.JWTUtil;
import cn.myfirefly.utils.StrUtil;
import io.jsonwebtoken.Claims;

@RestController
@RequestMapping("/api")
public class PortalAPIController extends BaseController {
	
	@Autowired
	private SystemAccessService systemAccessService;
	
	@Autowired
	private LoginService loginService;
	
	@Autowired
	private FunctionService functionService;
	
	@RequestMapping(value={"/login.action"}, method={RequestMethod.POST})
	public ResultDto login(@RequestParam(value="systemId", required=true) String systemId, 
			@RequestParam(value="secretKey", required=true) String secretKey) {
		MMSystemAccess systemAccess = systemAccessService.getSystemAccessBySysId(new Integer(systemId));
		if (systemAccess == null) {
			return error("系统编号不存在");
		}
		if (!StrUtil.equals(secretKey, systemAccess.getSecretKey())) {
			return error("系统密钥错误");
		}
		Map<String,Object> claims = new HashMap<>();
		claims.put("systemId", systemId);
		String token = JWTUtil.createJWT("portal", claims, 60*60*1000);
		return this.success(token);
	}
	
	@RequestMapping(value={"/getPermissions.action"}, method={RequestMethod.POST})
	public ResultDto getPermissions(@RequestParam(value="systemId", required=true) String systemId, 
			@RequestParam(value="loginName", required=true) String loginName,
			@RequestParam(value="token", required=true) String token) {
		Claims claims = JWTUtil.parseJWT(token);
		if (claims == null) {
			return error("token验证失败");
		}
		Map<String, Permission> permissionMap = loginService.getPermissions(new Integer(systemId), loginName);
		ResultDto resultDto = success();
		resultDto.setPermissions(permissionMap);
		return resultDto;
	}
	
	@RequestMapping(value={"/getMenus.action"}, method={RequestMethod.POST})
	public ResultDto getMenus(@RequestParam(value="systemId", required=true) String systemId, 
			@RequestParam(value="loginName", required=true) String loginName,
			@RequestParam(value="token", required=true) String token, HttpServletRequest request) {
		Claims claims = JWTUtil.parseJWT(token);
		if (claims == null) {
			return error("token验证失败");
		}
		boolean isAdmin = false;
		Identity identity = getLoginUser(request);
		if (identity != null) {
			isAdmin = identity.isAdmin();
		} else {
			if (StrUtil.equals("admin", loginName)) {
				isAdmin = true;
			}
		}
		List<MenuResultDto> list = null;
		if (isAdmin) {
			list = functionService.getMenus(new Integer(systemId));
		} else {
			list = functionService.getMenus(loginName, new Integer(systemId));
		}
		ResultDto resultDto = success();
		resultDto.setData(list);
		return resultDto;
	}
}
